Recently active topics

 Hi team,Is there a way to see or get API logs to know which user has performed what kind of api calls & actions ( read / view / change)  using thier account?

Sequential Thinking in NQE using State Pipeline One interesting challenge when writing logic in NQE is that the language does not support a traditional sequential programming style (loops, mutable variables, recursion, etc.).But we can emulate iteration by threading state through a series of transformations.This resembles techniques used in functional programming such as state threading or CPS-like transformations, where computation is expressed as a chain of pure transformations.Let’s look at a simple example: computing the integer log₂(i) using a sequential algorithm.Sequential C-like styleint log2(int i) {int e = 32, b = 0;while (e >= 1) { if (i >= 2 ** e) { i /= (2 ** e); b += e; } return b;}Conceptually, each loop iteration transforms the state:(i, e, b) → (i', e/2, b')Since NQE has no while statement, we first unroll the iterations:if (i >= 2^32) { i /= 2^32; b += 32; }if (i >= 2^16) { i /= 2^16; b += 16; }if (i >= 2^8) { i /= 2^8; b += 8; }if (i >= 2

I’ve brought this up a few times on calls with our account team. It would be really helpful if we could filter with a bit more flexibility in Sources & Inventories.Currently, if I’m searching for a Tag the logic is a “OR” so if I want a device in “APAC” && “Switch” && “Arista” I can’t get a reduced set of devices.It would be great to combine the filtering to isolate devices more quickly. 

This is a script that ​@rob helped greatly with. It parses through SNMP configuration on IOS-XE devices. Then does a comparison of the templates in the file and provides:What’s missing, what is extra, and the captured configuration.I’ve added additional functionality to leverage tagging, which helps identify which config block belongs to what kind of devices. I have documented as best I can, hopefully this helps other as much as it’s helping me. /*** * @intent SNMP Validation (IOS) * @description Validates Cisco IOS-XE SNMP configs and extracts community/host details. * * LOGIC SUMMARY: * 1. Checks device against 3 regional patterns (AMRS, EMEA, APAC). * 2. Uses the 'Hybrid Approach': * - Uses 'device.files.config' (Bag) for the blockDiff engine (Accuracy). * - Uses 'configAsString' (String) for Regex extraction (Speed). * 3. Outputs a clean table with missing lines and current settings.***/// Tagging Function to look for tagged devices in order to classify configuration appropriatelye

The Bottom Line Up Front (BLUF) In networking, we’ve spent decades eliminating single points of failure — redundant power, redundant links, redundant clusters. Recent policy shifts affecting AI providers are a reminder that AI models themselves can become a new kind of single point of failure. When organizations suddenly need to stop using a specific model due to policy, regulatory, or geopolitical reasons, entire workflows can break overnight. That’s why model-agnostic architectures are quickly becoming a requirement, not a luxury. A New Kind of Risk Engineers usually think about failure in technical terms: hardware failure network outages power loss AI introduces a different category of risk.If your product, automation pipeline, or internal workflow relies entirely on one AI provider, your roadmap becomes tied to that provider’s regulatory and business environment. That dependency may work fine today — until it doesn’t. The lesson here isn’t about which model is best. It’s about

Continuing scripts to pull more information from Cisco WLC’s. Find my original Cisco WAP post here: Pre-requisites:Add Custom Command to IOS-XE for collection “show ap image | inc None” Add Tag of “WLC” on your Wireless Controllers WLC’s are on c9800 running IOS-XE IOS-XE version is 17.x.x/*** @intent - pull Name & OS Versions from Cisco AP's via Cisco WLC's* @description Log into Cisco WLC's "C9800" and pull AP information from the controllers with "show ap image | inc None"**/// Pattern of output//AP_INFO = ```{APName:string} {PrimaryOS:string} {BackupOS:string}```;foreach device in network.deviceslet platform = device.platformforeach Tag in device.tagNameswhere Tag == "WLC"foreach Command in device.outputs.commandswhere Command.commandText == "show ap image | inc None"let parsed = parseConfigBlocks(OS.IOS_XE, Command.response) //parses text into lineslet matchData = blockMatches(parsed, AP_INFO) //applies pattern to linesforeach x in matchDataselect { name: device.name, Loca

 1This NQE script audits NTP configuration compliance for IOS-XE Branch devices in the AMRS and EMEA regions. It compares each device's running configuration against locally-defined gold standards (approved NTP server IPs per region, with variants for LAN switches, SDWAN routers, and WLCs — both with and without VRF syntax). For each device it identifies missing NTP servers (present in the standard but absent from the device) using blockDiff, and extra NTP servers (configured on the device but not in the approved list) using set subtraction. The results are output as a compliance table with a violation flag, the missing/extra server details, and device metadata derived from tags (region, environment, function, manager). Edit the IP’s in the xxxx Standard to your own (and remove what you don’t need).Additionally, there is a Utility in here (export_get_list_match_from_tags) at the beginning. The code requires the devices to be tagged with a region (AMRS APAC EMEA LATM) Thanks ​@rob for g

Version 26.2 of the platform introduces new enhancements to topology, including line drawing and multi-select capabilities.You will now see the Line tool in the Annotations section, allowing you to add straight lines to your network diagrams alongside the classic shapes already available. Lines can include arrows, be displayed as solid or dashed, and support the same colour options as any other annotation element.Multi-select enables you to select multiple annotation elements at once and move them as a single object, a valuable capability as your diagrams grow in scale and complexity.I spent some time this morning trying out the new features on one of our lab networks:Multiselect and lines in actionEnhancements such as these form part of our ongoing, iterative approach to evolving Topology into a comprehensive, one-stop destination for accurate and easily understood network diagramming.What enhancements would you like to see in the Topology? Let me know in the comments.

Keeping track of hardware lifecycle isn't just good practice anymore - in many cases, it's required. Regulations like Europe's Digital Operational Resilience Act (DORA) and the UK's Telecommunications Security Act (TSA) now require organisations to document legacy infrastructure.Forward Networks already provides End of Life (EoL) data for Cisco and F5 devices to help customers prepare for these audits. With our latest update, Check Point is now supported too. That means one less vendor to track manually.Using a simple NQE query, like the one I made below, you can quickly generate reports across your Cisco, F5, and Check Point environments for their EoL state. Add it as a verification check to get alerts when devices go EoL, or create a custom scorecard to monitor the current EoL status of your estate. foreach device in network.devicesforeach component in device.platform.componentslet componentViolation = if isPresent(component.support) && isPresent(co